CVE-2026-23070

Description

In the Linux kernel, the following vulnerability has been resolved:Octeontx2-af: Add proper checks for fwdatafirmware populates MAC address, link modes (supported, advertised)and EEPROM data in shared firmware structure which kernel accessvia MAC block(CGX/RPM).Accessing fwdata, on boards booted with out MAC block leading tokernel panics.Internal error: Oops: 0000000096000005 [#1] SMP[ 10.460721] Modules linked in:[ 10.463779] CPU: 0 UID: 0 PID: 174 Comm: kworker/0:3 Not tainted 6.19.0-rc5-00154-g76ec646abdf7-dirty #3 PREEMPT[ 10.474045] Hardware name: Marvell OcteonTX CN98XX board (DT)[ 10.479793] Workqueue: events work_for_cpu_fn[ 10.484159] pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)[ 10.491124] pc : rvu_sdp_init+0x18/0x114[ 10.495051] lr : rvu_probe+0xe58/0x1d18

Risk Information

Base Score

5.5

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.026

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234